Recovering Hidden PIX Pre-Shared Keys / Passwords
The latest Cisco TAC Newsletter had an interesting tip on recovering hidden pre-shared keys (which I’ve needed to do many times). So simple, it’s brilliant :) here’s the reprint:
There are times you will need to add configuration or make changes to a live PIX Firewall or ASA. It is common for the original pre-shared keys used in site-to-site VPNs to be mislaid or forgotten.
For example, perhaps the previous manager has left the company. It is not possible to see a copy of the configuration with the keys viewable as they are hidden as ******.
The answer is to save a copy of the configuration to a TFTP server. This file can then be viewed using any simple text document. It can also be used to re-configure the device back to its original state if necessary.
